October 2022 - Lug-nuts

by saclug＠garymcglinn.com

Again sent earlier. Thanks for the intervening comments about vulnerabiliteis and versions. A lot of issues and suggestions have been made and raised. My brief response is that yes, according to nmap and my intention I had port 23, for ssh (I moved it) and port 5900 open and the rpc port, I think. I'm going by memory. Theoretically the only pinhole in the ISP router firewall was port 23. To use port 5900, you had to use an ssh tunnel. My web server is on another machine. Since I only use it for development, I don't leave it up. My actual web pages are hosted externally on a vendor's box. My experience with the upgrade treadmill is that it is a waste of time. By its own admission (if a concept can have that) the new versions will have issues and you need to upgrade. If the issues with an older version don't affect you, then it is perfectly fine to use it. Why upgrade and risk the fact that the new issues will affect your use case. The developers for Fedora 13 were no smarter or dumber than the developers who are writing Fedora 36. Or pick your distro of choice. The issue with an older release is that nifty new things come out and you can't really use them. But, if you run a VM with a recent version of the distro, you can use them just fine. The other issues is that if you are getting vendor support, they can only reasonably commit to supporting a limited number of versions. This is AMD hardware from '06. -Gary On Fri, Aug 05, 2022 at 06:19:54PM -0700, Rick Moen wrote: > Quoting Brian E. Lavender (brian(a)brie.com): > > > Gary, > > > > You were running Fedora 13? > > If so, _that_ is likely a big problem. Fedora 13's initial release was > May 25, 2010, and it was EOLed on June 24, 2011. > > Because Fedora. If you don't want to keep moving to newer versions, > it's about the worst possible distro. (But it's possible Gary meant > that he did _original_ installation 15 years ago, but has been following > the recommended upgrade treadmill^W path. > > Linus Sphinx wrote: > > > https://www.bleepingcomputer.com/news/security/new-linux-malware-brute-forc… > > You know, I have a _lot_ of things to be grateful for, and somewhere on > the list is the glad tidings that I don't need to rely on > Bleepingcomputer.com for IT information. > > Over the past 1.5 months since its discovery, the new botnet used > over 3,500 unique IPs worldwide to scan and attempt brute-forcing Linux > SSH servers. > [...] > The SSH brute-forcing relies on a list of credentials downloaded from > the [command and control server]. [...] > > *snore* > > So, doorknob-twisting for "joe accounts", like user=service > password=manager and like that. > > Guestimate the math, and measure the lengthly setup and teardown times > for remote connections to an sshd, and you'll find that > dictionary-attacking an sshd with any reasonable rules set about > password quality and length is going to take an appreciable fraction of > the time to the heat death of the universe, to succeed. > > I mentioned upthread that a lot of IT device comes from gadget freaks. > The _other_ common problem is that most security _articles_ are > copied-pasted press releases from security/antimalware firms. > So, they're big on shockhorror, and small on conveying understanding. > > I've only quick-glanced at this article about enforcing password policy > via PAM, so won't swear to it being a good one: > https://www.techrepublic.com/article/controlling-passwords-with-pam/ > Of course, if you're the -only- user, you ought to stick to decent > passwords without PAM forcing you to. (Also, a user who can su to > root has the power to overrule PAM. But if you do that, you have only > yourself to blame for consequences.) > > _______________________________________________ > Lug-nuts mailing list -- lug-nuts(a)bigbrie.com > To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com ----- End forwarded message -----

2 years, 6 months

6
12
0 0

Pale Moon

by Gary

Any thoughts on the Pale Moon web browser? I was looking around on Honda's web site and they complained about my web browser being out of date. On that VM, its Firefox 84. I clicked on "learn more" hoping that Honda would tell me exactly why they wanted me to upgrade. It's not a bank, after all, and they offered me browser options. Admittedly, I live under a rock. But, I had never heard of Pale Moon. I went to their home page and am going to give it a try. I resist browser upgardes because they often change the layout, for no apparent reason. And, the new "features" are often things I don't like. Such as storing a bunch on info on my browser so they don't have to (which I suspect may be Honda's motive). So, if I was going to have to deal with I new layout anyhow, I decided to go for broke and try something actually new. Security? Its a Honda site. Unless they want me to protect against malware from them, I don't get it. -Gary

3 years, 4 months

3
4
0 0

Re: Pale Moon

by Gary

Well, I never heard of it and I don't care for Chromium. Are you using it? I forwarded my reply to the list because I thought it was your intention to reply there. -Gary On Mon, Oct 31, 2022 at 06:52:25AM -0700, bob r wrote: > Gary, > Is there any reason why you have not tried the Brave browser yet? > Bob > > On Sun, Oct 30, 2022 at 6:38 PM Gary <saclug(a)garymcglinn.com> wrote: > > > I went to the Volkswagen site and my Firefox 84 had some problems. So, I > > installed Firefox 106. The widgets/trim are ugly, but it didn't have any > > issues on the Volkswagen site. Interestingly to me, the page layout was > > completely different. Not sure what has come online recently as far as > > what browsers have to support, but there is definitely something > > substantial that is new. > > > > -Gary > > > > On Sat, Oct 29, 2022 at 06:36:07AM -0700, Gary wrote: > > > OK, I've seen enough. In palemoon the "learn more" button on > > Wolkswagens web site doesn't work. It doesn't seem to be recognized. > > Works fine in old Firefox. > > > > > > -Gary > > > > > > On Sat, Oct 29, 2022 at 05:47:55AM -0700, Gary wrote: > > > > Any thoughts on the Pale Moon web browser? > > > > > > > > I was looking around on Honda's web site and they complained about my > > web browser being out of date. On that VM, its Firefox 84. I clicked on > > "learn more" hoping that Honda would tell me exactly why they wanted me to > > upgrade. It's not a bank, after all, and they offered me browser options. > > > > > > > > Admittedly, I live under a rock. But, I had never heard of Pale > > Moon. I went to their home page and am going to give it a try. > > > > > > > > I resist browser upgardes because they often change the layout, for no > > apparent reason. And, the new "features" are often things I don't like. > > Such as storing a bunch on info on my browser so they don't have to (which > > I suspect may be Honda's motive). So, if I was going to have to deal with > > I new layout anyhow, I decided to go for broke and try something actually > > new. > > > > > > > > Security? Its a Honda site. Unless they want me to protect against > > malware from them, I don't get it. > > > > > > > > -Gary > > > > _______________________________________________ > > > > Lug-nuts mailing list -- lug-nuts(a)bigbrie.com > > > > To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com > > > _______________________________________________ > > > Lug-nuts mailing list -- lug-nuts(a)bigbrie.com > > > To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com > > _______________________________________________ > > Lug-nuts mailing list -- lug-nuts(a)bigbrie.com > > To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com > >

3 years, 4 months

1
0
0 0

Firewalls

by Charles Polisher

Hello list, Finally have working firewall rules analysis code up & running. This turns out to be a hard problem! A lot of people have worked out the math, but there are a ton of picky obstacles to applying them to real sets of iptables rules. I hope to flesh out the code over the next few months and am hoping for a release (public open source) soon. -- Charles Polisher

3 years, 4 months

3
7
0 0

got the pilot's license!

by Brian E. Lavender

Hey Everyone, I passed my check ride this last Friday for private pilot! woo hoo. This has been what I call "Curiosity killed the cat adventure.", in the figurative sense of course. ;-) It was all partly inspired by work with Spark/Ada while I was at Sac State and few guest lectures I gave to the CSC 201 class at Sac State on Spark/Ada revolving around the implementation of Spark/Ada in the C130J upgrades. While I found the use of Spark/Ada interesting in the C130J, I couldn't help wondering what more is involved with the aircraft. So, I took pilot training lessons! Well, it has been a lot of work. I can fly a Cessna 172 now! It's not quite a C130J, but it sure gives that hands on feel! Here is an interesting paper! https://www.sigada.org/ada_letters/dec2000/chapman-paper.pdf Brian -- Brian Lavender http://www.brie.com/brian/ "There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies." Professor C. A. R. Hoare The 1980 Turing award lecture

3 years, 4 months

3
3
0 0

Scripting Rules

by Linus Sphinx

Lot to be said for consistency. #======= #!/usr/local/bin/tclsh # # iptables firewall script generator v0.1 by sphinx # January 1st, 2001 # set EXTERNALIF "none" set INTERNALIF "none" function grok_address { IP=`ifconfig $1 2>/dev/null| grep inet | cut -d : -f 2 | cut -d \ -f 1` MASK=`ifconfig $1 2>/dev/null| grep Mask | cut -d : -f 4` NET=`route -n | grep eth0 | grep $MASK | grep -w "U" | cut -d\ -f1` echo "$IP/$MASK" } function grok_net { MASK=`ifconfig $1 2>/dev/null| grep Mask | cut -d : -f 4` NET=`route -n | grep $1 | grep $MASK | grep -w "U" | cut -d\ -f1` echo "$NET/$MASK" } echo -n "Checking External Interface..." if [ "`grok_interface $EXTERNALIF`" != "1" ]; then echo "$EXTERNALIF unavailable. Aborting." export PATH=$ORIGPATH exit else echo "found $EXTERNALIF" echo "External Interface Data:" echo "Address: `grok_address $EXTERNALIF`" echo "Network: `grok_net $EXTERNALIF`" fi echo -n "Checking Internal Interface..." if [ "$INTERNALIF" = "none" ]; then STANDALONE="1" echo "None specified" echo "Going to Standalone Mode" else if [ "`grok_interface $INTERNALIF`" != "1" ]; then echo "$INTERNALIF unavailable." echo "Going to Standalone Mode" STANDALONE="1" else echo "found $INTERNALIF" echo "Internal Interface Data:" echo "Address: `grok_address $INTERNALIF`" echo "Network: `grok_net $INTERNALIF`" STANDALONE="0" fi fi if [ "$STANDALONE" = "0" ]; then echo -n "Checking internal interface for RFC1918" declare -i DOTQUAD1 declare -i DOTQUAD2 DOTQUAD1=`grok_net $INTERNALIF | cut -f1 -d.` DOTQUAD2=`grok_net $INTERNALIF | cut -f2 -d.` if [ "$DOTQUAD1" = "10" ]; then MASQUERADE="1" echo "...Class A found" echo "Going to Masq Mode" elif [ "$DOTQUAD1" = "192" -a "$DOTQUAD2" = "168" ]; then MASQUERADE="1" echo "...Class C found" echo "Going to Masq Mode" elif [ "$DOTQUAD1" = "172" -a $DOTQUAD2 -gt 15 -a $DOTQUAD2 -lt 32 ]; then MASQUERADE="1" echo "...Class B found" echo "Going to Masq Mode" else echo "...None found" echo "Going to Routable Mode" MASQUERADE="0" fi fi function flush_rulesets { # No parameters echo -n "Flushing rulesets.." # filter table iptables -F echo -n "." # nat table iptables -t nat -F echo -n "." #mangle table iptables -t mangle -F echo -n "." echo "Done!" } function masq_setup { # Parameters: internalnet, externalnet, internal interface, external interface echo -n "Masquerading.." # Forward internal to external and external to internal net traffic # from and to outside iptables -A FORWARD -d 0/0 -s $1 -o $4 -j ACCEPT echo -n "." iptables -A FORWARD -d $1 -s 0/0 -i $4 -j ACCEPT echo -n "." # Masquerade internal to external traffic going out on the external interface # using the nat table. iptables -t nat -A POSTROUTING -d 0/0 -s $1 -o $4 -j MASQUERADE echo -n "." # Set INPUT rules in this situation # in from internal interface iptables -A INPUT -d $1 -s $1 -i $3 -j ACCEPT echo -n "." # in from outside iptables -A INPUT -d $2 -s 0/0 -i $4 -j ACCEPT echo -n "." # Set OUTPUT rules in this situation # Internal traffic out iptables -A OUTPUT -d $1 -s $1 -j ACCEPT echo -n "." # Out from anywhere on internal network iptables -A OUTPUT -d 0/0 -s $1 -j ACCEPT echo -n "." # Out from anywhere on external network iptables -A OUTPUT -d 0/0 -s $2 -j ACCEPT # set Default rule on FORWARD chain to DROP iptables -P FORWARD DROP echo -n "." echo "Done!" } function routable_setup { # Parameters: internalnet, externalnet echo -n "Forwarding.." # Forward internal-internal traffic iptables -A FORWARD -s $1 -d $1 -j ACCEPT echo -n "." # Forward external interface direct iptables -A FORWARD -s $2 -d $0/0 -j ACCEPT echo -n "." # Forward internal network going outside iptables -A FORWARD -s $1 -d $1 -j ACCEPT echo -n "." # Forward external network going inside iptables -A FORWARD -s $2 -d $1 -j ACCEPT echo -n "." echo "Done!" } function loopback { # Parameters: No parameters echo -n "Loopback..." iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT echo "Done!" } function tos_setup { # Parameters: No parameters echo -n "TOS flags.." iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport www iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport telnet iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport ftp echo -n "..." # Set ftp-data for maximum throughput iptables -t mangle -m tos --tos 8 -A PREROUTING -p tcp --dport ftp-data echo -n "." echo "Done!" } function outbound_setup { # Parameters: internalnet echo -n "Outbound connections.." iptables -A INPUT -s $1 -d 0/0 -j ACCEPT iptables -A OUTPUT -s $1 -d 0/0 -j ACCEPT echo -n ".." echo "Done!" } function standard_rules { # Parameters: target, standalone, internalif # ---------------------------------------------------------- Trusted Networks - # Add in any rules to specifically allow connections from hosts/nets that # would otherwise be blocked. # echo -n "Trusted Networks.." # iptables -A INPUT -p <protocol> -<d/s>port <ports> -s [trusted host/net] -d $1 -j ACCEPT # echo -n "." # echo "Done!" # ----------------------------------------------------------- Banned Networks - # Add in any rules to specifically block connections from hosts/nets that # have been known to cause you problems. These packets are logged. ## echo -n "Banned Networks.." not adjusted to iptables yet # This one is generic # iptables -A INPUT -l -s [banned host/net] -d $1 <ports> -j DROP # echo -n "." # This one blocks ICMP attacks # iptables -A INPUT -l -b -i $LOCALIF -p icmp -s [host/net] -d $1 -j DROP # echo -n "." # echo "Done!" # ------------------------------------------------------ @home-specific rules - # This @home stuff is pretty specific to me (terminus). I get massive port # scans from my neighbors and from pokey admins at @home, so I just got harsh # and blocked all their stuff, with a few exceptions, listed below. # # If someone out there finds out the ip ranges of JUST tci@home, let me know # so i don't end up blocking ALL cablemodems like it's doing now. echo -n "Cable Modem Nets.." # so we can check mail, use the proxy server, hit @home's webpage. # you will want to set these to your local servers, and uncomment them # iptables -A INPUT -p tcp -dport 1023:65535 -s ha1.rdc1.wa.home.com -d $1 -j ACCEPT # iptables -A INPUT -p tcp -dport 1023:65535 -s mail.tcma1.wa.home.com -d $1 -j ACCEPT # iptables -A INPUT -p tcp -dport 1023:65535 -s www.tcma1.wa.home.com -d $1 -j ACCEPT # iptables -A INPUT -p tcp -dport 1023:65535 -s proxy.tcma1.wa.home.com -d $1 -j ACCEPT # echo -n "...." # so we can resolve the above hostnames, allow dns queries back to us # iptables -A INPUT -p tcp -dport 1023:65535 -s ns1.home.net -d $1 -j ACCEPT # iptables -A INPUT -p tcp -dport 1023:65535 -s ns2.home.net -d $1 -j ACCEPT # iptables -A INPUT -p udp -dport 1023:65535 -s ns1.home.net -d $1 -j ACCEPT # iptables -A INPUT -p udp -dport 1023:65535 -s ns2.home.net -d $1 -j ACCEPT # echo -n ".." # linux iptables building script page (I think) # iptables -A INPUT -p tcp -dport 1023:65535 -s 24.128.61.117 -d $1 -j ACCEPT # echo -n "." # Non-@home users may want to leave this uncommented, just to block all # the wannabe crackers. Add any @home hosts you want to allow BEFORE this line. # Blast all other @home connections into infinity and log them. # iptables -A INPUT -s 24.0.0.0/8 -d $1 -j LOG # iptables -A INPUT -s 24.0.0.0/8 -d $1 -j DROP # echo -n "." # Nuke any connections from @home's portscanners (ops-scan.home.com) # Note: These are a moving target - apply locally as required. iptables -A INPUT -s 24.0.84.130 -d $1 -j LOG iptables -A INPUT -s 24.0.84.130 -d $1 -j DROP echo -n "." echo "Done!" # ---------------------------- Specific port blocks on the external interface - # This section blocks off ports/services to the outside that have # vulnerabilities. This will not affect the ability to use these services # within your network. Connections to these ports are logged to syslog. echo -n "Port Blocks.." # NetBEUI/Samba iptables -A INPUT -p tcp --dport 137:139 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 137:139 -s 0/0 -d $1 -j DROP echo -n "." # Line Printer Daemon (courtesy of Blair Steenerson <blair(a)steenerson.com>) iptables -A INPUT -p tcp --dport 515 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 515 -s 0/0 -d $1 -j DROP echo -n "." # Microsoft SQL iptables -A INPUT -p tcp --dport 1433 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 1433 -s 0/0 -d $1 -j DROP echo -n "." # Postgres SQL iptables -A INPUT -p tcp --dport 5432 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 5432 -s 0/0 -d $1 -j DROP echo -n "." # Network File System iptables -A INPUT -p tcp --dport 2049 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 2049 -s 0/0 -d $1 -j DROP echo -n "." # MySQL iptables -A INPUT -p tcp --dport 3306 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 3306 -s 0/0 -d $1 -j DROP echo -n "." # X Displays iptables -A INPUT -p tcp --dport 5999:6010 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 5999:6010 -s 0/0 -d $1 -j DROP echo -n "." # X Font Server :0-:2- iptables -A INPUT -p tcp --dport 7100:7101 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 7100:7101 -s 0/0 -d $1 -j DROP echo -n "." # Back Orifice (logged) iptables -A INPUT -p tcp --dport 31337 -s 0/0 -d $1 -j LOG iptables -A INPUT -p tcp --dport 31337 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 31337 -s 0/0 -d $1 -j LOG iptables -A INPUT -p udp --dport 31337 -s 0/0 -d $1 -j DROP echo -n "." # NetBus (logged) iptables -A INPUT -p tcp --dport 12345:12346 -s 0/0 -d $1 -j LOG iptables -A INPUT -p tcp --dport 12345:12346 -s 0/0 -d $1 -j DROP iptables -A INPUT -p udp --dport 12345:12346 -s 0/0 -d $1 -j LOG iptables -A INPUT -p udp --dport 12345:12346 -s 0/0 -d $1 -j DROP echo -n "." echo "Done!" # --------------------------------------------------- High Unprivileged ports - # These are opened up to allow sockets created by connections allowed by # iptables echo -n "High Ports.." iptables -A INPUT -p tcp --dport 1023:65535 -s 0/0 -d $1 -j ACCEPT iptables -A INPUT -p udp --dport 1023:65535 -s 0/0 -d $1 -j ACCEPT echo -n "." echo "Done!" # ------------------------------------------------------------ Basic Services - echo -n "Services.." # ftp-data (20) and ftp (21) #iptables -A INPUT -p tcp --dport 20 -s 0/0 -d $1 -j ACCEPT #iptables -A INPUT -p tcp --dport 21 -s 0/0 -d $1 -j ACCEPT #echo -n ".." # ssh (22) iptables -A INPUT -p tcp --dport 22 -s 0/0 -d $1 -j ACCEPT echo -n "." # telnet (23) # iptables -A INPUT -p tcp --dport 23 -s 0/0 -d $1 -j ACCEPT # echo -n "." # smtp (25) # iptables -A INPUT -p tcp --dport 25 -s 0/0 -d $1 -j ACCEPT # echo -n "." # DNS (53) #iptables -A INPUT -p tcp --dport 53 -s 0/0 -d $1 -j ACCEPT #iptables -A INPUT -p udp --dport 53-s 0/0 -d $1 -j ACCEPT #echo -n ".." if [ "$2" != "1" ]; then # DHCP on LAN side (to make @Home DHCP work) (67/68) # iptables -A INPUT -i $3 -p udp --dport 67 -s 0/0 -d 255.255.255.255/24 -j ACCEPT # iptables -A OUTPUT -i $3 -p udp --dport 68 -s 0/0 -d 255.255.255.255/24 -j ACCEPT echo -n ".." fi # http (80) #iptables -A INPUT -p tcp --dport 80 -s 0/0 -d $1 -j ACCEPT #echo -n "." # POP-3 (110) # iptables -A INPUT -p tcp --dport 110 -s 0/0 -d $1 -j ACCEPT # echo -n "." # identd (113) #iptables -A INPUT -p tcp --dport 113 -s 0/0 -d $1 -j ACCEPT #echo -n "." # nntp (119) # iptables -A INPUT -p tcp --dport 119 -s 0/0 -d $1 -j ACCEPT # echo -n "." # https (443) # iptables -A INPUT -p tcp --dport 443 -s 0/0 -d $1 -j ACCEPT # echo -n "." # ICQ Services (it's a server service) (4000) # iptables -A INPUT -p tcp --dport 4000 -s 0/0 -d $1 -j ACCEPT # echo -n "." echo "Done!" # ---------------------------------------------------------------------- ICMP - echo -n "ICMP Rules.." # Use this to DROP ICMP attacks from specific addresses # iptables -A INPUT -i $EXTERNALIF -p icmp -s <address> -d 0/0 -j DROP # echo -n "." # Allow incoming ICMP iptables -A INPUT -p icmp -s 0/0 -d $1 -j ACCEPT echo -n ".." # Allow outgoing ICMP iptables -A OUTPUT -p icmp -s $1 -d 0/0 -j ACCEPT echo -n "...." echo "Done!" } function reset_policy { # Parameters: no parameters iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT } function set_policy { # Parameters: no parameters iptables -P INPUT DROP iptables -P OUTPUT DROP } function set_timeouts { # Parameters: no parameters # not adjusted for iptables yet echo -n "Setting iptables timeout for tcp tcpfin udp.. " #iptables -M -S 3600 150 1000 echo "Done!" } reset_policy flush_rulesets if [ "$STANDALONE" = "1" ]; then TARGET=`grok_net $EXTERNALIF` else if [ "$MASQUERADE" = "1" ]; then TARGET=`grok_address $EXTERNALIF` INTERNALNET=`grok_net $INTERNALIF` EXTERNALNET=`grok_net $EXTERNALIF` set_timeouts masq_setup $INTERNALNET $TARGET $INTERNALIF $EXTERNALIF else TARGET=`grok_net $INTERNALIF` INTERNALNET=`grok_net $INTERNALIF` EXTERNALNET=`grok_net $EXTERNALIF` outbound_setup $INTERNALNET routable_setup $INTERNALNET $EXTERNALNET fi fi tos_setup loopback standard_rules $TARGET $STANDALONE $INTERNALIF #configure_vpn $INTERNALNET $EXTERNALNET set_policy export PATH=$ORIGPATH exit

3 years, 4 months

2
1
0 0

list still working

by Brian E. Lavender

I applied security updates to the server and I just want to make sure it still works. -- Brian Lavender http://www.brie.com/brian/ "There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies." Professor C. A. R. Hoare The 1980 Turing award lecture

3 years, 5 months

3
7
0 0

2026

2025

2024

2023

2022

Lug-nuts October 2022